Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [bitlocker]

Microsoft Windows technology for full disk(volume) encryption.

BitLocker is a full disk encryption feature that adds a layer of security to storage devices to protect data and sensitive information from falling into the wrong hands. BitLocker is available in the Windows 7 Enterprise and Ultimate Operating Systems as well as Windows Server 2008 and 2008 R2 Operating Systems.

Features include:

  • Multi-factor authentication
  • Ability to encrypt Removable storage devices
  • AES 128-bit encryption
  • Group Policy and Active Directory integration
143 questions
4
votes
2 answers

Can bitlocker be used in the guest OS of HyperV Windows VM?

We are studying the possibility of using BitLocker inside the guest OS of VM (i.e. not the parent OS on the VM host). We have both Win2008R2 VM and Win2012(not R2) VM. And we found this…
Lapson
  • 41
  • 1
  • 1
  • 3
4
votes
3 answers

What backup strategies to use with Bitlocker?

I'm looking at using Bitlocker on a new laptop. I have been using Acronis for full image backups; it would take me way too much time to reinstall and configure from scratch in the event of a stolen laptop. I would like to do periodic full system…
Mike
  • 659
  • 1
  • 6
  • 7
4
votes
1 answer

unlock-bde application not found error prevalent in Windows 8

I have encrypted a drive with BitLocker in Windows 8 Pro, but the drive will not auto-unlock. I can manually unlock the drive from BitLocker in the Control Panel. However from Windows Explorer, I keep seeing the "unlock-bde" command that reports…
felipe55
  • 43
  • 1
  • 4
4
votes
1 answer

Dell PowerEdge Server BitLocker Hotswap Hard disks

We have a Windows 2008 R2 Server running on a Dell PowerEdge R310 Server with Bitlocker enabled. There are two physical Hard disks configured as RAID 1. One of the disks recently started having an issue, so we have now have a warranty covered…
JoshODBrown
  • 345
  • 4
  • 13
4
votes
3 answers

BitLocker with TPM but no startup PIN concerns my users - what should I tell them?

My infrastructue uses BitLocker encrypted drives with TPM but no start up PIN. Recovery keys are stored in the AD. A few of my users are worried that no startup PIN is insecure as to the old WinMagic setup with a startup PIN before booting the…
sjldk
  • 41
  • 2
4
votes
2 answers

What is the WMI class to manage BitLockerToGo

I am working on a script that will be used to audit some machines. I can check whether or not volumes are encrypted using the Win32_EncryptableVolume class in root\cimv2\Security\EncryptableVolume. What class can I can query for info on…
Andy Schneider
  • 1,543
  • 5
  • 19
  • 28
3
votes
4 answers

How useful is Bitlocker without a TPM?

When you install Bitlocker on a system without a TPM you need to put the startup key on a flash drive. Since you can hardly expect the user to store his notebook and flash drive separately, would Bitlocker offer any advantage over an unencrypted…
laktak
  • 686
  • 2
  • 9
  • 16
3
votes
1 answer

Wiping Bitlocker Drive Key Sector

I have a 4TB drive that has been bitlocker encrypted (via password) since day one and want to wipe it before I sell it used. The process looks like it's going to take 100+ hours via nwipe but I was wondering if there was any public info on what…
Nuvious
  • 165
  • 1
  • 6
3
votes
2 answers

Protect mounted Bitlocker drive from other users

I have a Windows Server 2012 machine where I have created a VHD disk that is stored on my Desktop. That disk is encrypted by Bitlocker. However when I mount the disk and enter the encryption password, other users (Administrators) can also access the…
Kano
  • 31
  • 3
3
votes
1 answer

Double Bitlocker Recovery Tab in Active Directory

I've strange issue with double bitlocker tab having exactly same look. Any idea how I can remove one?
MadBoy
  • 3,725
  • 15
  • 63
  • 94
3
votes
1 answer

How do I identify which bitlocker protector is active?

BitLockerVolume -MountPoint C).KeyProtector I see multiple RecoveryPassword key protectors, how do I know which one is active? If I pull the HDD and plug it into another machine its going to ask me for one of those keys, but how do I know which key…
red888
  • 4,183
  • 18
  • 64
  • 111
3
votes
2 answers

Reason for TPM lockout

We have several Surface Pro 3 devices deployed with BitLocker enabled in TPM + PIN mode. The devices have a TPM 2.0 chip and are running Windows 8.1 Pro. We have an issue where users are occasionally presented with the "Too many incorrect PIN…
dbr
  • 1,852
  • 3
  • 23
  • 38
3
votes
1 answer

Is it safe to delete old bitlocker keys from AD

So I have a bunch of old bitlocker keys stored with some computer accounts (the msFVE-RecoveryInformation attribute): Bitlocker has re-run multiple times and every time it re-encrypts it generates and backs up a new recovery password of course- so…
red888
  • 4,183
  • 18
  • 64
  • 111
3
votes
5 answers

How do I add bitlocker support commands to winpe?

Tried following this tutorial https://4sysops.com/archives/unlock-bitlocker-under-windows-pe/ But when I boot up my winpe image and try to run manage-bde I can "manage-bde is not recognized..." Here are the packages I added to my Windows 10 x64…
red888
  • 4,183
  • 18
  • 64
  • 111
3
votes
1 answer

Automatic unlock bitlocker to go (usb stick) on domain computer

Is there a way to automatically unlock bitlocker encrypted USB sticks on windows computers that are domain joined (8.1 Enterprise)? (e.g., based on the "BitLocker identification Field"?) The scenario I'm thinking of is that the IT department…
Robbie
  • 163
  • 6
1
2
3
9 10